[Bug 2652] PKCS11 login skipped if login required and no pin set

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Feb 27 00:39:47 AEDT 2018


--- Comment #16 from Daniel Kucera <openssh at danman.eu> ---
(In reply to Jakub Jelen from comment #15)
> One more thing. Will a *ssh-agent* work for you with stock OpenSSH?
> To my understanding, it already does a login before listing the
> keys, so a workaround could be using the keys from ssh-agent:
>   eval `ssh-agent`
>   ssh-add -s /usr/lib/eidklient/libpkcs11_sig_x64.so
>   ssh user at moj.server.sk

$ ssh-add -s /usr/lib/eidklient/libpkcs11_sig_x64.so
Enter passphrase for PKCS#11: 
Could not add card "/usr/lib/eidklient/libpkcs11_sig_x64.so": agent
refused operation

What kind of passphrase does it ask for? I tried card pin but without

You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list